SAML 2.0

The Security Assertion Markup Language (SAML) is an
XML-based standard for exchanging authentication and authorization data between security
domains.

SAML exchanges security information between an identity provider (a producer of assertions) and
a service provider (a consumer of assertions). SAML is a product of the OASIS Security Services
Technical Committee. When implemented correctly, SAML is one of the most secure methods of single
sign-on available.

The SAML 2.0 integration enables single sign-on by exchanging XML tokens with an external Identity Provider (IdP). The
identity provider authenticates the user and passes a NameID token to the system. If the system
finds a user with a matching NameID token (for example, the email address), the instance logs in
that user.
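
The NameID lookup described above can be sketched as follows. This is an added example, not code from the product: the sample response, the user table, and all function names are constructed for illustration, and it assumes the response signature and conditions have already been validated before this step.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample response, trimmed to the elements this example reads.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Assertion>
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">alice@example.com</saml:NameID>
    </saml:Subject>
  </saml:Assertion>
</samlp:Response>"""

# Constructed user table; "email" stands in for the field matched against NameID.
USERS = [
    {"user_name": "alice", "email": "alice@example.com"},
    {"user_name": "bob", "email": "bob@example.com"},
]


def extract_name_id(response_xml):
    """Return the single NameID value, or raise ValueError if it is ambiguous."""
    if "<!DOCTYPE" in response_xml:  # SAML messages never need a DTD
        raise ValueError("DOCTYPE not allowed")
    root = ET.fromstring(response_xml)
    assertions = root.findall("saml:Assertion", NS)
    if len(assertions) != 1:
        raise ValueError("expected exactly one Assertion")
    name_ids = assertions[0].findall("saml:Subject/saml:NameID", NS)
    if len(name_ids) != 1 or len(name_ids[0]) != 0:
        raise ValueError("expected exactly one plain-text NameID")
    value = (name_ids[0].text or "").strip()
    if not value:
        raise ValueError("empty NameID")
    return value


def find_user(name_id, users, field="email"):
    """Exact-match lookup; no match or more than one match means no login."""
    matches = [u for u in users if u.get(field) == name_id]
    return matches[0] if len(matches) == 1 else None


def login_from_response(response_xml, users):
    """Return the matched user record, or None when the login must be refused."""
    try:
        return find_user(extract_name_id(response_xml), users)
    except (ValueError, ET.ParseError):
        return None
```

The lookup fails closed: a malformed response, more than one assertion or NameID, or a NameID that maps to zero or several users all result in no login.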

If you use the SAML 2.0 plugin for single sign-on authentication, set
the glide.ui.rotate_sessions property to false. Otherwise, the property interferes with the session
information sharing that takes place between the instance and the identity provider. Users with the
security_admin elevated privilege can access this high security property by selecting System Security > High Security Settings.